4 files changed, 88 insertions, 23 deletions

diff --git a/bgpd/bgp_rpki.c b/bgpd/bgp_rpki.c
index b6f59d6712..1acb36127f 100644
--- a/bgpd/bgp_rpki.c
+++ b/bgpd/bgp_rpki.c
@@ -1278,37 +1278,89 @@ DEFPY (show_rpki_prefix,
 	return CMD_SUCCESS;
 }
 
-DEFUN (show_rpki_cache_server,
+DEFPY (show_rpki_cache_server,
        show_rpki_cache_server_cmd,
-       "show rpki cache-server",
+       "show rpki cache-server [json$uj]",
        SHOW_STR
        RPKI_OUTPUT_STRING
-       "SHOW configured cache server\n")
+       "Show configured cache server\n"
+       JSON_STR)
 {
+	struct json_object *json = NULL;
+	struct json_object *json_server = NULL;
+	struct json_object *json_servers = NULL;
 	struct listnode *cache_node;
 	struct cache *cache;
 
+	if (uj) {
+		json = json_object_new_object();
+		json_servers = json_object_new_array();
+		json_object_object_add(json, "servers", json_servers);
+	}
+
 	for (ALL_LIST_ELEMENTS_RO(cache_list, cache_node, cache)) {
 		if (cache->type == TCP) {
-			vty_out(vty, "host: %s port: %s\n",
-				cache->tr_config.tcp_config->host,
-				cache->tr_config.tcp_config->port);
+			if (!json) {
+				vty_out(vty, "host: %s port: %s\n",
+					cache->tr_config.tcp_config->host,
+					cache->tr_config.tcp_config->port);
+			} else {
+				json_server = json_object_new_object();
+				json_object_string_add(json_server, "mode",
+						       "tcp");
+				json_object_string_add(
+					json_server, "host",
+					cache->tr_config.tcp_config->host);
+				json_object_string_add(
+					json_server, "port",
+					cache->tr_config.tcp_config->port);
+				json_object_array_add(json_servers,
+						      json_server);
+			}
 
 #if defined(FOUND_SSH)
 		} else if (cache->type == SSH) {
-			vty_out(vty,
-				"host: %s port: %d username: %s server_hostkey_path: %s client_privkey_path: %s\n",
-				cache->tr_config.ssh_config->host,
-				cache->tr_config.ssh_config->port,
-				cache->tr_config.ssh_config->username,
-				cache->tr_config.ssh_config
-					->server_hostkey_path,
-				cache->tr_config.ssh_config
-					->client_privkey_path);
+			if (!json) {
+				vty_out(vty,
+					"host: %s port: %d username: %s server_hostkey_path: %s client_privkey_path: %s\n",
+					cache->tr_config.ssh_config->host,
+					cache->tr_config.ssh_config->port,
+					cache->tr_config.ssh_config->username,
+					cache->tr_config.ssh_config
+						->server_hostkey_path,
+					cache->tr_config.ssh_config
+						->client_privkey_path);
+			} else {
+				json_server = json_object_new_object();
+				json_object_string_add(json_server, "mode",
+						       "ssh");
+				json_object_string_add(
+					json_server, "host",
+					cache->tr_config.ssh_config->host);
+				json_object_int_add(
+					json_server, "port",
+					cache->tr_config.ssh_config->port);
+				json_object_string_add(
+					json_server, "username",
+					cache->tr_config.ssh_config->username);
+				json_object_string_add(
+					json_server, "serverHostkeyPath",
+					cache->tr_config.ssh_config
+						->server_hostkey_path);
+				json_object_string_add(
+					json_server, "clientPrivkeyPath",
+					cache->tr_config.ssh_config
+						->client_privkey_path);
+				json_object_array_add(json_servers,
+						      json_server);
+			}
 #endif
 		}
 	}
 
+	if (json)
+		vty_json(vty, json);
+
 	return CMD_SUCCESS;
 }
 
@@ -1413,8 +1465,8 @@ DEFPY (show_rpki_cache_connection,
 						       "ssh");
 				json_object_string_add(json_conn, "host",
 						       ssh_config->host);
-				json_object_string_add(json_conn, "port",
-						       ssh_config->port);
+				json_object_int_add(json_conn, "port",
+						    ssh_config->port);
 				json_object_int_add(json_conn, "preference",
 						    cache->preference);
 				json_object_string_add(
diff --git a/doc/user/rpki.rst b/doc/user/rpki.rst
index f03d8233f7..ece788d9e3 100644
--- a/doc/user/rpki.rst
+++ b/doc/user/rpki.rst
@@ -216,10 +216,14 @@ Displaying RPKI
    received from the cache servers and stored in the router. Based on this data,
    the router validates BGP Updates.
 
-.. clicmd:: show rpki cache-connection [json]
+.. clicmd:: show rpki cache-server [json]
 
    Display all configured cache servers, whether active or not.
 
+.. clicmd:: show rpki cache-connection [json]
+
+   Display all cache connections, and show which is connected or not.
+
 .. clicmd:: show bgp [afi] [safi] <A.B.C.D|A.B.C.D/M|X:X::X:X|X:X::X:X/M> rpki <valid|invalid|notfound>
 
    Display for the specified prefix or address the bgp paths that match the given rpki state.
diff --git a/docker/alpine/Dockerfile b/docker/alpine/Dockerfile
index 79ae315679..fa4b9859b9 100644
--- a/docker/alpine/Dockerfile
+++ b/docker/alpine/Dockerfile
@@ -1,7 +1,7 @@
 # syntax=docker/dockerfile:1
 
 # Create a basic stage set up to build APKs
-FROM alpine:3.13 as alpine-builder
+FROM alpine:3.15 as alpine-builder
 RUN apk add \
 		--update-cache \
 		abuild \
@@ -22,7 +22,7 @@ RUN cd /libyang \
 	&& abuild -r -P /pkgs/apk
 
 # This stage builds a dist tarball from the source
-FROM alpine:3.13 as source-builder
+FROM alpine:3.15 as source-builder
 
 RUN mkdir -p /src/alpine
 COPY alpine/APKBUILD.in /src/alpine
@@ -33,6 +33,7 @@ RUN source /src/alpine/APKBUILD.in \
 		$makedepends \
 		gzip \
 		py-pip \
+		rtrlib \
 	&& pip install pytest
 
 RUN mkdir -p /pkgs/apk
@@ -66,7 +67,7 @@ RUN cd /dist \
 	&& abuild -r -P /pkgs/apk
 
 # This stage installs frr from the apk
-FROM alpine:3.13
+FROM alpine:3.15
 RUN mkdir -p /pkgs/apk
 COPY --from=frr-apk-builder /pkgs/apk/ /pkgs/apk/
 RUN apk add \
diff --git a/tests/topotests/pbr_topo1/test_pbr_topo1.py b/tests/topotests/pbr_topo1/test_pbr_topo1.py
index 586d9217d2..8506a15135 100644
--- a/tests/topotests/pbr_topo1/test_pbr_topo1.py
+++ b/tests/topotests/pbr_topo1/test_pbr_topo1.py
@@ -234,15 +234,23 @@ def test_rule_linux_installation():
 
     logger.info("Checking for installed PBR rules in OS")
 
+    def _get_router_rules(router, expected):
+        actual = topotest.ip_rules(router)
+
+        logger.info(actual)
+        return topotest.json_cmp(actual, expected)
+
     router_list = tgen.routers().values()
     for router in router_list:
         rules_file = "{}/{}/linux-rules.json".format(CWD, router.name)
 
-        actual = topotest.ip_rules(router)
         expected = json.loads(open(rules_file).read())
 
+        test_func = partial(_get_router_rules, router, expected)
+
+        _, result = topotest.run_and_expect(test_func, None, count=20, wait=1)
         assertmsg = "Router {} OS rules mismatch".format(router.name)
-        assert topotest.json_cmp(actual, expected) is None, assertmsg
+        assert result is None, assertmsg
 
 
 if __name__ == "__main__":